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AMENDMENTS TO THE CLAIMS: 

This listing of claims replaces all prior versions and listings of claims in the 
application: 



LISTING OF CLAIMS : 

1. (Currently Amended) A method comprising: 

receiving, from a delegator, a designation of a role and a delegate to assume the role; 

receiving, from a credential service provider, an indication that the designation is valid; 

generating a delegation credential in response to receiving the indication; 

receiving a request from the delegate for access to a service; 

providing the delegation credential in response to the request; and 

sending the delegation credential to a verification service that compares the selected 
delegation credential to permissible delegation credentials for the delegate^] ; and 

generating a report via the verification service regarding usage of the delegation 
credential by the delegate. 



2. (Cancelled) 



3. (Previously Presented) The method of claim 1, wherein the delegation credential 
allows the delegate to access the service. 
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4. (Previously Presented) The method of claim 1 , further comprising: 

issuing a confirmation to the delegator which indicates that the delegation credential was 
generated. 

5. (Original) The method of claim 1, wherein the delegator can delegate multiple 
functions, the role comprising one of the multiple functions. 

6. (Previously Presented) The method of claim 1, wherein the delegation credential is 
issued to, and stored by, at least one of the delegate and a credential service provider. 

7. (Previously Presented) The method of claim 6, wherein the credential service 
provider receives the delegation credential from the delegate and an access requirement for 
access to the service from a relying party and determines if the delegation credential is valid for 
the access requirement. 

8. (Previously Presented) The method of claim 7, wherein the credential service 
provider determines if there is a pre-existing delegation credential that corresponds to the access 
requirement and provides the delegation credential that corresponds to the access requirement to 
the delegate. 
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9. (Original) The method of claim 8, wherein multiple delegation credentials correspond 
to the access requirement and the credential service provider provides the multiple delegation 
credentials to the delegate. 



10. (Previously Presented) The method of claim 9, wherein the delegate selects the 
delegation credential from among the multiple delegation credentials to use for the access 
requirement and the credential service provider provides the delegation credential to the relying 
party. 



11. (Currently Amended) A method comprising: 
receiving a request from a delegate for access to a service; 
obtaining delegation credentials for the delegate; 

determining which of the delegation credentials correspond to an access requirement for 
the service; 

providing, to the delegate, delegation credentials that correspond to the access 
requirement; and 

sending a selected delegation credential to a verification service that compares the 
selected delegation credential to permissible delegation credentials for the delegateM ; and 

generating a report via the verification service regarding usage of the delegation 
credential by the delegate. 
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12. (Cancelled) 

13. (Previously Presented) The method of claim 11, further comprising: 
receiving, from the delegate, an indication corresponding to the selected delegation 

credential; and 

using the selected delegation credential to access the service if the selected delegation 
credential comprises a permissible delegation credential for the delegate. 

14. (Previously Presented) The method of claim 13, wherein sending is performed prior 
to using the selected delegation credential to access the service. 

15. (Previously Presented) The method of claim 13, further comprising: 

receiving an indication that the selected delegation credential is valid prior to using the 
selected delegation credential to access the service. 

16. (Previously Presented) A method comprising: 

receiving, from a delegate, a value corresponding to a confirmation code and an 
identifier, the confirmation code and the identifier corresponding to a delegator, the confirmation 
code being generated by a Web site visited by the delegate; 

identifying the delegator using at least one of the identifier and the confirmation code; 

assigning, to the delegate, a delegation credential that corresponds to the delegator; and 
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sending a message to the delegator indicating that the delegation credential has been 
assigned. 

17. (Cancelled) 

18. (Original) The method of claim 16, further comprising: 

storing the delegation credential in a database maintained by a delegation service 
provider. 

19. (Original) The method of claim 16, wherein identifying comprises checking a hash 
of the confirmation code to identify the delegator. 

20. (Previously Presented) A method comprising: 

receiving, from a delegate, a delegation request for a role of the delegator; 

receiving a value corresponding to a confirmation code from the delegate, the 
confirmation code being generated by a Web site visited by the delegate; 

receiving, from the delegator, a request for outstanding delegation requests; 

requesting approval from the delegator of an outstanding delegation request from the 
delegate; and 

receiving the confirmation code from the delegator in response to requesting approval. 
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21. (Original) The method of claim 20, further comprising: 

confirming the approval of the outstanding delegation request using the confirmation 

code. 



22. (Original) The method of claim 21, further comprising: 
receiving a digital credential from the delegator; and 

confirming that the received digital credential matches a digital credential of the 
delegator. 



23. (Currently Amended) An article comprising a machine-readable medium that stores 
executable instructions that cause a machine to: 

receive, from a delegator, a designation of a role and a delegate to assume the role; 

receive, from a credential service provider, an indication that the designation is valid; 

generate a delegation credential in response to receiving the indication; 

receive a request from the delegate for access to a service; 

provide the delegation credential in response to the request; aftd 

send the delegation credential to a verification service that compares the selected 
delegation credential to permissible delegation credentials for the delegateM ; and 

generate a report via the verification service regarding usage of the delegation credential 
by the delegate. 
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24. (Cancelled) 



25. (Previously Presented) The article of claim 23, wherein the delegation credential 
allows the delegate to access the service. 

26. (Previously Presented) The article of claim 23, further comprising instructions that 
cause the machine to: 

issue a confirmation to the delegator which indicates that the delegation credential was 
generated. 

27. (Original) The article of claim 23, wherein the delegator can delegate multiple 
functions, the role comprising one of the multiple functions. 

28. (Previously Presented) The article of claim 23, wherein the delegation credential is 
issued to, and stored by, at least one of the delegate and a credential service provider. 



29. (Currently Amended) An article comprising a machine-readable medium that stores 
executable instructions that cause a machine to: 

receive a request from a delegate for access to a service; 
obtain delegation credentials for the delegate; 
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determine which of the delegation credentials correspond to an access requirement for the 
service; 

provide, to the delegate, delegation credentials that correspond to the access requirement; 

ort/1 

ttnu 

send a selected delegation credential to a verification service that compares the selected 
delegation credential to permissible delegation credentials for the delegate^] - and 

generate a report via the verification service regarding usage of the delegation credential 
by the delegate. 

30. (Cancelled) 

31. (Previously Presented) The article of claim 29, further comprising instructions that 
cause the machine to: 

receive, from the delegate, an indication corresponding to the selected delegation 
credential; and 

use the selected delegation credential to access the service if the selected delegation 
credential comprises a permissible delegation credential for the delegate. 

32. (Previously Presented) The article of claim 31, wherein sending is performed prior 
to using the selected delegation credential to access the service. 



Applicants 
Serial No. 
Filed 
Page 



Ernie F. Brickell, et al. 
09/998,549 
November 28, 2001 
10 of 15 



Attorney's Docket No.: 10559-505001 
Intel Docket No.: P8790X 



33. (Previously Presented) The article of claim 31, further comprising instructions that 
cause the machine to: 

receive an indication that the selected delegation credential is valid prior to using the 
selected delegation credential to access the service. 

34. (Previously Presented) An article comprising a machine-readable medium that stores 
executable instructions that cause a machine to: 

receive, from a delegate, a value corresponding to a confirmation code and an identifier, 
the confirmation code and the identifier corresponding to a delegator, the confirmation code 
being generated by a Web site visited by the delegate; 

identify the delegator using at least one of the identifier and the confirmation code; 

assign, to the delegate, a delegation credential that corresponds to the delegator; and 

send a message to the delegator indicating that the delegation credential has been 



assigned 



35. (Cancelled) 



36. (Original) The article of claim 34, further comprising instructions that cause the 
machine to: 

store the delegation credential in a database maintained by a delegation service provider. 
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37. (Original) The article of claim 34, wherein identifying comprises checking a hash of 
the confirmation code to identify the delegator. 

38. (Previously Presented) An article comprising a machine-readable medium that stores 
executable instructions that cause a machine to: 

receive, from a delegate, a delegation request for a role of the delegator; 

receive a value corresponding to a confirmation code from the delegate, the confirmation 
code being generated by a Web site visited by the delegate; 

receive, from the delegator, a request for outstanding delegation requests; 

request approval from the delegator of an outstanding delegation request from the 
delegate; and 

receive the confirmation code from the delegator in response to requesting approval. 

39. (Original) The article of claim 38, further comprising instructions that cause the 
machine to: 

confirm the approval of the outstanding delegation request using the confirmation code. 

40. (Original) The article of claim 39, further comprising instructions that cause the 
machine to: 

receive a digital credential from the delegator; and 

confirm that the received digital credential matches a digital credential of the delegator. 



